ClamUI is a modern graphical front-end for ClamAV. Real scan profiles, a hash-verified quarantine, a system security audit — packaged like a proper GNOME app, with nothing phoning home.
GTK4 + libadwaita. Follows your system theme, your font size, your accent — not a repackaged Electron web app.
No analytics, no crash reporters, no metrics. VirusTotal is opt-in and API keys live in your system keyring.
Beyond AV: firewall & MAC audit, rootkit heuristics, scheduled scans via systemd timers, on-access via clamonacc.
MIT-licensed. Built in the open on GitHub. Contributions and issues welcome; no enterprise upsell behind the next click.
Six things ClamUI does that the command line can't — or won't.
Go beyond virus scanning. ClamUI inspects your system's posture the way a Linux-savvy admin would — firewall, MAC (AppArmor/SELinux), SSH hardening, rootkit checks, and more.
Save the scans you actually run. Quick Scan, Full Scan, Home Folder, or hand-crafted profiles with per-profile exclusions and targets — ready in one click.
Infected files are moved with restrictive permissions and SHA-256 hashed. Restore only if integrity checks pass — no silent tampering.
Paginated scan history with full result dumps, plus a dashboard of what's been caught, when, and where — so you're never guessing.
Modular preferences pages surface the ClamAV settings that actually matter — freshclam, on-access (clamonacc), scheduled scans, VirusTotal — without dumping the full clamd.conf on you.
Enrich detections with a second opinion. API keys live in your system keyring — never in plain-text config. Off by default.
The most common comment about desktop AV on Linux is that it's unnecessary. That's half true — and the other half is where ClamUI earns its place.
Desktop Linux malware is rare — but files don't stop at your laptop. If you share documents with Windows or macOS users, run a mail server, use Wine, mount network shares, or pull third-party installers, you're a vector whether or not you're a victim. ClamUI catches infected files before you forward them on.
ClamAV is an excellent engine shipped with most distros, but it's historically been CLI-only. ClamUI is a proper desktop interface around it: progress, profiles, quarantine, scheduled scans, file-manager integration — with none of the engine hidden from you.
No, not unless you explicitly enable the VirusTotal integration. Scanning, quarantine, and audit all run locally. Updates go to the official ClamAV mirrors via freshclam — the same source distro packages use.
Three things: a system security audit beyond virus scanning, a SHA-256-verified quarantine with a proper restore path, and native Adwaita rendering on both GNOME and Plasma. It's designed as a Linux desktop app first, not a Windows AV port.
Pick the channel your distro uses. ClamUI itself is the UI — it'll detect ClamAV on your system, tell you if it's missing, and print the exact command to fix it.
Works on every distro. Sandboxed. Auto-updates via Flathub.
flatpak install flathub io.github.linx_systems.ClamUI
flatpak run io.github.linx_systems.ClamUINative packages for Debian 12+, Ubuntu 22.04+, Linux Mint, Pop!_OS.
# Download the latest .deb from GitHub Releases, then:
sudo apt install ./clamui_0.1.7_amd64.debSingle-file bundle with GTK4 + Python. Requires ClamAV on host.
chmod +x ClamUI-0.1.7-x86_64.AppImage
./ClamUI-0.1.7-x86_64.AppImagePython 3.11+, GTK4, libadwaita, uv. See docs/DEVELOPMENT.md.
git clone https://github.com/linx-systems/clamui.git
cd clamui
uv sync --dev
uv run clamuiImport the project's public key once, then verify each download with dpkg-sig.
# Import the signing key (one-time)
curl -fsSL https://raw.githubusercontent.com/linx-systems/clamui/master/signing-key.asc \
| gpg --import
# Verify — expect: GOODSIG _gpgbuilder <fingerprint>
dpkg-sig --verify clamui_*.debAppImages carry the signature inside the bundle. A quick check prints key info; the AppImageKit validator does a full verification.
# Quick check — prints signer info
./ClamUI-*.AppImage --appimage-signature
# Full validation
wget https://github.com/AppImage/AppImageKit/releases/download/continuous/validate-x86_64.AppImage
chmod +x validate-x86_64.AppImage
./validate-x86_64.AppImage ./ClamUI-*.AppImageFlatpak needs no manual step — Flathub verifies signatures automatically during install. Source builds are verified by their Git commit; tagged releases are signed, so git tag -v v0.1.7 confirms authorship.